Digital agenda commissioner Neelie Kroes called upon the web industry to agree on a do-not-track (DNT) standard at the World Wide Web Consortium (W3C) meeting in Brussels, reiterating her demand from June 2011 that the standard is to be implemented within a year. Read why a DNT standard is important in an article by Aphaia”s guest blogger Jure Merčun after the jump.
What is web tracking?
Although web tracking has been a well known issue for a long time and while there exist industry guidelines, such tracking has thus far eluded regulation.
Web tracking is the process of gathering and retaining information in order to track a user”s actions on the internet. This allows websites to remember preferred languages, keep track of logged-in users, shopping carts for online stores etc., mostly to the benefit of the user. But it also allows 3rd parties to track users without their permission or even knowledge. One of the main applications of this is behavioural advertising.
In behavioural advertising advertising networks track the pages users visit and create a profile in an attempt to find the ad that is the most relevant to a person”s interest, thus increasing the likelihood of the user actually clicking on it. An advertising network can display its sfaap.net banners on thousands of sites, which allows it to track users across all of these sites. The information it collects is in theory anonymous and correlates to the browser, rather than the actual user. But in practice most people use web email clients and social networks, which, while not allowing advertisers to read one”s emails, do provide some personal information.
Difficulties of enforcing a do-not-track mechanism
A do-not-track mechanism would allow users to inform sites that they do not wish to be tracked. Some browsers already support this feature, but it is merely a suggestion and it is up to an individual website to determine whether it will play nice or not. Enforcing do-not-track would at the moment be very difficult at best. Since most tracking is done through a HTTP world of warcraft gold cookie, restricting sites from storing cookies would help control it, but would be highly impractical, considering how much websites depend on cookies for normal operation. Even if cookies are, for example, allowed for a shopping cart, there is no way of preventing the same cookie from being used for other tracking. And although cookies are the most convenient method of tracking, they are not the only one – information such as browser add-on versions and user preferences, which websites have access to, can describe a certain user much more accurately than it seems at first.
The World Wide Web Consortium, the main international web standards organization, formed a working group which published a draft on do-not-track in November 2011. While the document does provide technical specification for the DNT HTTP header, the draft opinion also acknowledges that determining whether a website actually follows the DNT directive is hard, leaving it to be addressed at a later date.
A working DNT standard, flexible enough to allow implementation under European, US and other legislation, is certainly a step in the right direction, but at least in the current scope it is likely that it will not be enough to prevent unauthorised tracking.