Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Advertising Privacy The Internet

5 Years Later, 'Do Not Track' System Ineffective 254

An anonymous reader sends this excerpt from ComputerWorld: "In 2009, a few Internet privacy advocates developed an idea that was supposed to give people a way to tell websites they don't want to be monitored as they move from website to website. The mechanism, which would eventually be built into all the major browsers, was called Do Not Track. ... But today, DNT hangs by a thread, neutered by a failure among stakeholders to reach agreement. Yes, if you turn it on in your browser, it sends a signal in the form of an HTTP header to Web companies' servers. But it probably won't change what data they collect. That's because most websites either don't honor DNT — it's currently a voluntary system — or they interpret it in different ways. Another problem — perhaps the biggest — is that Web companies, ad agencies and the other stakeholders have never reached agreement on what "do not track" really means."
This discussion has been archived. No new comments can be posted.

5 Years Later, 'Do Not Track' System Ineffective

Comments Filter:
  • by Anonymous Coward on Thursday May 22, 2014 @09:18AM (#47065709)

    You can't trust ad agencies even if it was spelled out in law. There are always parties who just don't care about anything but making money.

    If you want to not be tracked use some anonymizing technologies.

    • There are always parties who just don't care about anything but making money.

      Theyre called "businesses".

    • Comment removed (Score:4, Insightful)

      by account_deleted ( 4530225 ) on Thursday May 22, 2014 @10:48AM (#47066853)
      Comment removed based on user account deletion
      • by Anonymous Coward

        Having gone through this exercise of asking nicely to not be tracked, we are now protected against any accusations of over-reaction on our part when we defend ourselves from tracking by technological and legal means.

    • If you want to not be tracked use some anonymizing technologies.

      The problem with Do Not Track all along is that it has been voluntary. People who don't want to honor it just don't honor it.

      OP's argument that "stakeholders" (a very misleading term here) can't agree on what it means is just plain BS. Everybody knows what it means. They just can't agree on which deliberately distorted interpretation of it best fits their business.

  • I bought an mp3 on Amazon, went to facebook on the same tab before closing my browser, and found an ad for the same song had slipped through adblocker.
    • by Anonymous Coward

      I find the adverts for something I've just bought even more pointless, I'm hardly going to buy it twice !

  • by drunkennewfiemidget ( 712572 ) on Thursday May 22, 2014 @09:21AM (#47065755)

    Also: water: wet. Sky: blue. Rob Ford: drunk and high.

    More at 11.

  • by P0ltergeist333 ( 1473899 ) on Thursday May 22, 2014 @09:25AM (#47065799)

    I use a script blocker and am testing out EFF's Privacy Badger: https://www.eff.org/privacybad... [eff.org]

    I feel pretty well about my privacy from private enterprises, and luckily I have nothing to hide from the NSA.

    • I use a DNS (hosts file) based ad blocker. Works great. Although I'm less concerned about being tracked than I am about someone using ad networks as a vector for malware.

      I'm not opposed to advertising, but until ad networks can be trusted, I'm going to leave the blocks in place.

      • by qbast ( 1265706 )

        I use a DNS (hosts file) based ad blocker.

        Don't even use these words. They attract crazy posts from insane troll.

  • Web companies, ad agencies and the other stakeholders have never reached agreement on what "do not track" really means.

    Said one CEO, "I thought it was for the NSA."

  • by Kjella ( 173770 ) on Thursday May 22, 2014 @09:26AM (#47065811) Homepage

    Another problem â" perhaps the biggest â" is that Web companies, ad agencies and the other stakeholders have never reached agreement on what "do not track" really means.

    "Do not track" is dead because the meaning is so obvious that they couldn't find a way to gut its meaning while pretending to give it lip service.

  • "A Contract" (Score:5, Insightful)

    by TrollstonButterbeans ( 2914995 ) on Thursday May 22, 2014 @09:30AM (#47065845)
    "Do not track"?

    Everyone wants everything for free, and so there is advertising.

    The entire idea of "do not track" was ludicrous.

    Everyone wants their free lunches with no strings attached, but there will always be strings.
    • Re:"A Contract" (Score:5, Insightful)

      by sjames ( 1099 ) on Thursday May 22, 2014 @09:47AM (#47066017) Homepage Journal

      NO. People just don't want the web equivalent of a radio collar attached to them. They do not want to be stalked by creepy advertisers. They can advertise without stalking. Advertising survived and flourished for centuries without stalking.

      • Re:"A Contract" (Score:5, Informative)

        by gstoddart ( 321705 ) on Thursday May 22, 2014 @09:53AM (#47066115) Homepage

        People just don't want the web equivalent of a radio collar attached to them. They do not want to be stalked by creepy advertisers.

        And for me, that is one of the main reasons I quite aggressively block as much of this shit as possible.

        Between companies like bright cove, scorecard research, and the literally dozens of tracking companies on the average web page, I have found I simply won't use the web without things like NoScript, and Ghostery, and as many as I can find for the browser I'm using.

        Some web pages literally have 25 (or more in some cases) external entities who want to track what I do .. Facebook, Linked in, Google Analytics, and countless piles of crap.

        I don't give a crap about your revenue model or your social media campaign -- I sure as hell didn't sign up for 50 entities I've never heard of knowing every site I visit.

        Thankfully, there are plenty of really good privacy extensions out there. The more you have, the better. Because it's astounding just how much complete shit is embedded in every page -- which is not only bleeding out your personal information, but using up your bandwidth.

        • So many, many people simply don't understand TANSTAAFL.

          Seriously - do you think everything is out there on the web solely for your convenience?

      • by 0a100b ( 456593 )

        Exactly, the euphemism "tracking" should be dropped and it should be called by its proper name: stalking.
        I hope, most likely in vain, that cyberstalking laws could (one day) be used against these stalking advertisers.

    • by Anonymous Coward

      My free lunch is paid for with a ludicrously high monthly bill from my ISP.

    • Done it say do not advertise?? In my book spying on consumers that don't want to be spied apon make bad customers. Like me, I've never ever clicked on an AD ever on purpose. I have been tricked into clicking ads guess what? I've never ever bought anything ever. Get it? You can still advertise, you make ads relevant TO THE SITE VISTED or is that too hard? that is IMO
    • Do not track does not prohibit advertising. It is privacy for which websites you visit. Advertisers love that info to target ads and talor them to their target demographic. Let's face it, most beginning programmers are not interested in golf clubs. A guy shopping for an RV is a much better target.

      Back on topic, I f I have an online persona that may be a grey area and I don't want a future employer to find out, while using a public hotspot, I could use a PC without a hard drive to boot from a Live CD to

    • by Vokkyt ( 739289 )

      If they don't want to offer up the content to those with adblockers or other DNT indicators, then they should just bite the bullet and do so.

      It's not that people want their lunch for free, it's that they were provided a lunch without ever discussing the price and then hit with a price some folk didn't want to pay. It doesn't help that the price can often be a lot more than just the annoyance of an advertisement. Drive-by attacked from ads that don't get vetted are still a common reality -- scam websites a

    • I would not mind advertising if there were responsible advertisers. Instead this is like a war, the ads become bigger and more intrusive. Ads slow down our computers, some carry malware, some use popups, etc. In broadcast television in the US it is somewhat typical to have less than 25% of the time being spent on ads, but on the internet the vast majority of data being transferred may be advertisements! Ie, read a simple 2 line text mail message in a web browser while being shown very large images.

      Turni

      • by hawk ( 1151 )

        >Ads slow down our computers,

        I suppose it's nearly 20 years ago now . . .

        On a 486, which was still respectable though not top of the line at the tie, I had two full pages open (large monitor for the time), and both hit ad-heavy pages.

        It brought the machine to its knees.

        I installed junkbuster.

        To this day, I don't block ads. But I'm downright aggressive with anything that blinks (or moves, or scrolls, or . . .), including "content"

        hawk

    • by praxis ( 19962 )

      "Do not track"?

      Everyone wants everything for free, and so there is advertising.

      The entire idea of "do not track" was ludicrous.

      Everyone wants their free lunches with no strings attached, but there will always be strings.

      No, not everyone. I would love to pay for a service that's worth the cost rather than use a heavily-tracking service. That's why I chose a private RSS aggregator which charges $20 a year rather than Feedly.

      I'll vote with my wallet and give money to companies that have a product worth buying. I will not buy in to a business model that's revolting to me. Don't fucking tell me I want my shit for free. Man up and sell it to me.

  • HaHAHAHAHAHAHAHAHA In Europe, even if there is some degree of lipservice going on, there is some real teeth in a LAW. DNT was a joke from the start with nothing to back it up.
  • by GlennC ( 96879 ) on Thursday May 22, 2014 @09:46AM (#47066003)

    I certainly didn't figure this to work at all. I'm actually surprised that the "Do Not Call" list works as well as it does.

    As for me, ABP, NoScript, BetterPrivacy and Ghostery seem to do the job well enough

    • by Zocalo ( 252965 )
      Another of those things where you need to be proactive take responsibility for your own safety on-line. The marketing companies have done nothing to help combat malicious advertisements and will quite happily farm as much information as they can whether people want them to or not, so fsck 'em. ABP, NoScript et. all, combined with hosting my own DNS zone for the domains of the larger ad/tracking firms and mapping all their hosts to 127.0.0.1 have ensured I haven't seen a single third party ad, malicious or
    • by L4t3r4lu5 ( 1216702 ) on Thursday May 22, 2014 @10:00AM (#47066225)
      Swap Ghostery for Disconnect. The dev behind Ghostery sells metrics data to advertisers which helps them target their advertising. http://www.businessinsider.com/evidon-sells-ghostery-data-to-advertisers-2013-6 [businessinsider.com]
      • by Anonymous Coward

        Maybe you missed the part that this is an opt-in thing?

        • by Xolvix ( 3649657 )

          Why the shit would anyone deliberate enable a data-sharing function in an extension specifically about enabling personal privacy? Unless there was an assumption that the data was only going to be used for the benefit of improving the extension and not to sell to advertisers (naive as that assumption may have been).

      • Good call, I plan on testing out Disconnect later on tonight.

    • by DMUTPeregrine ( 612791 ) on Thursday May 22, 2014 @10:12AM (#47066413) Journal
      "Do Not Call" is enforced by law, you can sue for violations. You can't sue over violations of "Do Not Track" and so it is useless.
      • For about a year after Do Not Call the number of calls drastically declined. Then they started back up. Right now it's basically easier for me to NEVER answer the phone than to try to report every caller. Especially ridiculous right now with the primary elections coming up (none of these campaigns will ever honor Do Not Call because they don't consider themselves to be telemarketers).

        So the solution of refusing to use the phone (it's for dial-out only) could be applied to the internet if it gets bad enou

  • Isn't this like that April Fools RFC?

  • In principle it's supposed to stop telemarketers from bugging you. But in reality you still get calls because companies that you are currently doing business with are allowed to solicit you. Companies lobbied Congress for a loophole and got it.

    As long as Do Not Track is voluntary it will be ineffective.

  • Send a hot woman to walk naked in front of a frat house holding up a "do not take pics" sign and see if that works. Same idea.

  • by aepervius ( 535155 ) on Thursday May 22, 2014 @09:55AM (#47066147)
    Honoring a DNT would mean a high risk that sooner or later the majority of the page served would ask to not track. And that would have meant to return to the old day of "dumb" TV like advertising where they do only lknow statistically who is watching the ad, but not idnvidually. This would mean billions of $ of market evaporating.

    From the get go advertised never intended to honor DNT, they simply slowed down any discussion and finally simply pulled excuse out of thin air to not honor it.

    And the result is : thanks ghostery, noflash, adblock, and referer check.
  • Happily, the author is not connected to the ad industry: https://abine.com/donottrackme... [abine.com]

  • The timing of this amuses me, given what I recently saw on Yahoo. They've updated their privacy policy to say they ignore DNT. But since marketing types have to spin everything, they bill it as:

    Thank you Yahoo for caring about my experience! :P

  • by mrvan ( 973822 ) on Thursday May 22, 2014 @10:20AM (#47066521)

    Your post advocates a

    (X) technical ( ) legislative ( ) market-based ( ) vigilante

    approach to fighting tracking. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Trackers can easily use it to harvest email addresses
    ( ) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    ( ) It will stop trackers for two weeks and then we'll be stuck with it
    ( ) Users of email will not put up with it
    ( ) Microsoft will not put up with it
    ( ) The police will not put up with it
    (X) Requires too much cooperation from trackers
    ( ) Requires immediate total cooperation from everybody at once
    ( ) Many email users cannot afford to lose business or alienate potential employers
    ( ) Trackeres don't care about invalid addresses in their lists
    ( ) Anyone could anonymously destroy anyone else's career or business

    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    (X) Lack of centrally controlling authority for email
    ( ) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    (X) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    ( ) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    ( ) Willingness of users to install OS patches received by email
    ( ) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    (X) Extreme profitability of tracking
    ( ) Joe jobs and/or identity theft
    ( ) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with trackers
    (X) Dishonesty on the part of trackers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    ( ) Outlook

    and the following philosophical objections may also apply:

    (X) Ideas similar to yours are easy to come up with, yet none have ever
    been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    ( ) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    ( ) Sending email should be free
    ( ) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    (X) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don't want the government reading my email
    ( ) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    (X) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid person for suggesting it.
    ( ) Nice try, assh0le! I'm going to find out where you live and burn your
    house down!

  • by Anonymous Coward

    Thanks Apache for being pretentious assholes and hard coding your web-server to ignore the do not track flag when sent by I.E.

  • I told you so 5 years ago, but of course no one listened to me.

  • DNT was dead the moment a vendor, and not the user, made the decision to set the flag on by default. Why should any content provider respect the wishes of a browser company, with regards to tracking?
    • by Anonymous Coward

      > Why should any content provider respect the wishes of a browser company, with regards to tracking?

      Because DNT is opt-in and making a product choice has almost always been considered opt-in (they ensure it with an accepted EULA).

    • by Anonymous Coward

      DNT was dead the moment a vendor, and not the user, made the decision to set the flag on by default

      That line does not even make sense. How does a user set that flag "by default" ?

      DNT was dead to the user when companies demanded, and got the right to ignore it.

      Everything after it was just circus, beating a dead horse while telling everyone that the slapping sound was the indication many people where working hard on it.

      And pardon me, but believing DNT could work would be as stupid as leaving your wallet i

  • It helped divert attention to privacy issues to a dead end for 5 years!

  • It's as dumb of an idea as thinking a "do not mug me" shirt would be worthwhile in a high-crime area, and (by measure) it's probably less effective than a rock that keeps tigers away. [evergreenterrace.com.au]

    • I disagree. While its effectiveness at stopping tracking was never much at doubt, it very much brought out into the open how sleazy the advertising companies are. Ad companies for years paid lip-service about how they, of course, understood people's concerns but -because of how extensive their networks were - there unfortunately was no easy way to address these issues without actually tracking the users. Remember how you could go to doubleclick.net and have them set a special cookie that said "don't track m

  • We shouldn't lose sight of the small victory here. Regardless of how it's handled, it's important that the end user can go on record as having requested more a tiny millibob of actual respect.

    We also need a companion flags: YESISETITMYSELF and IFYOUBLOWMEOFFYOUREANASSHOLE.

    • Ruminant self-castigation concerning my previous post.

      Fingers and foghorn were clearly operating at different stages of rubbing the sand out of their eyes. Waking up is hard to do. Harrumph. Nothing burnishes one's wit like mucking up one's determiners twice in two sentences.

      I blame it all on eliding the apostrophe from the all-caps. That small joke went against the soul of my being. It was like The Scream welling up inside me.

      It just struck me that we should change the name of the apostrophe as used i

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...