From the latter thread, Stacy Martin at Mozilla represents "Google Analytics will not correlate or report on any customer data with any other data, they will use Mozilla data only to provide and maintain the service for Mozilla, and they will not share or use it for any other purpose."
EDIT: The contractual arrangement is relevant. Section 9.3 item 2 of the IETF do-not-track draft has an exception for this very situation, "data obtained by a third party exclusively on behalf of and for the use of a first party".
The bug report is not about the legal contractual agreement between Google and Mozilla, but rather about user expectation from a "do not track me" option. Some users, maybe faulty or silly, consider a "do not track me" option to simply mean, do not track me.
It doesn't matter if Google signs a service contract that Mozilla pays $150k/year. "Do not track me" means, do not track me. It doesn't matter if Google promises to not be evil. Do not track me still means, do not send tracking data to Google. It doesn't even matter how extremely useful or good intention Mozilla or Google has with the tracking data. "Do not track me" really does mean, do not track me.
"Do Not Track is a feature in Firefox that allows you to let a website know you would like to opt-out of third-party tracking for purposes including behavioral advertising. It does this by transmitting a Do Not Track HTTP header every time your data is requested from the Web."
While you can debate whether that's the appropriate place for that information, it's not as if Mozilla is hiding this information. It's easily reached, and not at all intentionally hidden away. Nothing devious. Just a question of how to appropriately display the information.
It's interesting that the summary text on their Do Not Track FAQ has zero mentioning that tracking is redefined as "third-party tracking", but the FAQ question "What is Do Not Track" does. The summary is more in line with common expectation of the word tracking, while the FAQ question is more in line with the definition scope found in the standard.
An easy fix would be to add "third-party" next to the word tracking in the option menu.
When in doubt about naming something, name it what it is.
Safari says even less about DNT (Ask websites not to track me) and the help isn't much better, though they have a separate section for blocking 3rd party cookies. But that's different from DNT.
This is a case where DNT as an industry standard means one thing to the industry, and one thing to the uneducated public. Damned if they do, damned if they don't.
Serious question. I think that's what's being suggested here?
So yes, I think there is a clear distinction between "do not track me" and one that is limited to any specific tracking techniques.
For example: You come on to my site, I want to know how you're using it, I don't want your personal details, I just want to see how you're interacting with the site I've made for you. Why do I want to know? Well it depends on the purpose of the site, but for the most part it is so that I can optimise and improve what my site offers to you and others.
But you've politely requested that I don't track you. For starters this should only ever be a polite request, not a forced rejection of any tracking scripts. I have a right to track how people use my site. You have a right to privacy, but that's got bugger all to do with you coming on to my site, once you've made that choice you are within my domain, under my roof, living by my rules. Until you leave of course.
Some sites may respect that request, but they're the kind of site who have no need to track behaviour anyhow, and are likely not tracking to begin with. Kind of makes the request moot.
People get way too offended by analytics tracking when it's there for their benefit. The internet would be one ugly place if webmasters and designers had no clue how people were interacting with it. If you want to go back to the dark ages then feel free to try. But you won't benefit from the advances we've made or are yet to make because of large scale, anonymous tracking across the web.
I've no respect for Do Not Track. It is a silly, backwards, progress-endangering concept that should be burnt on a pyre.
Think of a scenario where a site is maliciously tracking you, where a forced browser-level request to not track could be sent, and maybe we'll talk. But then again I'll probably just retort that any malicious tracking will have a way around such a forced request, and so it's pointless.
Do Not Track is snake oil for the conscientious objector.
But you don't have a right to say what runs on my computer, or make it tell you what I'm doing. This is where our perceived rights collide.
>> once you've made that choice you are within my domain, under my roof, living by my rules.
No, my computer, my browser, my roof, my rules.
>> People get way too offended by analytics tracking when it's there for their benefit.
No, people get offended when you try to turn their computer into a device that spies on them. And we get more offended that this sort of stuff happens without most people even being aware it's going on. They may or may not object to it, but right now they don't even know.
And it's so lovely of you to have made the decision for me that it's to my benefit, so I don't have to worry about pesky things like privacy concerns, or having control over my own computing.
>> Do Not Track is snake oil for the conscientious objector.
This is about the only thing we agree on. It's pointless and it was never going to achieve anything.
Seriously, people should be warned that they are tracked, the purpose for which they are tracked and what exactly is tracked. Google Search for example is giving warnings lately, that you have to manually dismiss (probably because of EU laws) and I view that as being progress.
On the other hand demanding of publishers to not track you while you're on their property is unreasonable. Of course, you can complain about it, you can stop using such services or websites and so on. Voting with your wallet (or eyeballs) still works, even on the web.
I also view the "Do Not Track" header as a good thing, because it's an automated way for publishers to respect your wishes, should they choose to do that. But customers must also understand that this header represents a kind request, nothing else and we shouldn't make it something else, as that's a slippery slope.
Running in my browser.
>> On the other hand demanding of publishers to not track you while you're on their property is unreasonable.
I'm not on their property.
I'm fairly happy for them to record what they can see at their end in terms of what pages I go to, but I find it very unreasonable to demand that I run whatever code the website operator asks me to run, to turn my computer into a machine that reports anything/everything about my site interaction to anyone the site owner feels like, and all on the basis of an implied social contract of some form.
The only thing I find reasonable is for users to be warned that they are tracked, precisely for enabling them to move to alternatives that better respect their wishes.
His website is running in your browser by your choice, not his ;-)
>> His website is running in your browser by your choice, not his ;-)
Excellent, now how do I know ahead of time, or without digging through the source, which sites are going to try and run this stuff?
--edit-- Also, and here's the rub - again I just requested some data from his server, and it provided it to me. I made no promise to render or run it in the way he wants. If he has requirements about that sort of thing then maybe he needs to specify them.
This would be fair to both users and publishers.
As I implied in my other comment, this is a false dichotomy; by using browser extensions, I can and do control my browsing experience to benefit from sites that track while preventing them from tracking.
The very concept that I should subject myself to the whims of web sites is completely counter to the history and culture of the net.
Usually when someone says as simple as that, it clearly is not that simple.
I use Ad-Block Plus and Ghostery for all my web browsing, and have both Ad-Block Plus set to block _all_ ads and Ghostery set to block _all_ tracking scripts.
These extensions do not make 'polite requests'; they directly control the browsing experience to my benefit.
I (and my extensions) control my browsing experience, not you.
(You can argue that this is unfair, but in the long run I believe the outcome will be a better business model for sites to make money.)
> I believe the outcome will be a better business model for sites to make money
You might be interested in the Firefox section of http://crunchbang.org/forums/viewtopic.php?id=24722, if you're serious about your privacy and security.
Secondly, in my ordinary web browsing, I'm not trying to avoid all tracking whatsoever - I'm much more interested in blocking the 99.9% low-hanging fruit of commercial 3rd-party tracking. If I really was paranoid / needed to prevent tracking completely, I'd use a much more sophisticated setup.
> since you seem to want the web to return to byzantine times?
My comment was basically arguing that there _is_ a continuum, and that it is possible to block the vast majority of 3rd-party trackers, _without_ having to turn off JS completely, or do anything really paranoid.
My whole comment, essentially, was about _avoiding_ turning off JS etc., and still maintaining a level of control over my browsing experience. I actually develop web applications for a living, so it would be a bit silly of me to say that we shouldn't have sessions support!
> > I believe the outcome will be a better business model for sites to make money
What I was referring to here, is that if ads and 3rd-party tracking are blocked, then sites will have to create new revenue streams to operate with - and if that means paying directly for good content, then I look forward to supporting that business model.
I think your annoyance is misplaced. I develop rails apps for a living, so I am aware of the importance of js, sessions etc. - I'm merely stating that I can have my cake (blocking 3rd-party trackers) and eat it (still use the net) too.
See https://adblockplus.org/en/acceptable-ads#optout (I have opted out).
I am annoyed that they accept money to whitelist ads and am also annoyed that they allow whitelisting like this at all; however there is a considerable distance between having opt-out whitelisting, and what you're implying.
At a fine-grained level, different aspects of that experience can be said to occur specifically on client or server. Each of those aspects can be constrained or manipulated by the respective property owner.
When it comes to preferences of the visitor for certain server actions (or inactions), one can only make a request. This isn't a grand moral point, or a technical one, but one of basic property rights and personal freedom. And such a request is what the DNT header signifies.
If visitors are unhappy with the behavior of a server, they can avoid it. In aggregate, such avoidance can become a significant market force. At the same time, a website that does no analytics for DNT visitors and has a high ratio of DNT visitors may also become less competitive and valuable over time. Both can feed back into respective preference consideration. This is ultimately the meager value of DNT. It (combined with adequate education) provides extra context data that can motivate through market forces an adjustment to web browsing norms.
Along the lines of "adequate education", the option in Firefox should read "Tell websites to restrict their tracking of me. __(Learn more.)__"
Practically, how would you know in advance if a server will respect your DNT preference without first visiting the site? Well, in real life, how do you know whether someone who invites you over for dinner won't serve you poison? One way is through trusted third-parties, but the market hasn't yet demanded such a service (and may never).
Absolutely. But the OP seemed to be saying that it was his right as the server owner to make me run his tracking scripts on my end.
If I have the wrong end of the stick then great, I'll shut up, but he seemed to be saying that clients don't get to go to his site and then reject his use of analytics by (for instance) refusing to load the scripts. I find that attitude quite objectionable.
I think it's his right not to provide site content for people who refuse to run his scripts, that seems perfectly reasonable, it's his site and his copyright material. I'd be perfectly happy for my initial request to have a header that says "By the way, I don't run analytics, social network widgets or graphical advertising". Then everyone is informed and everyone has a choice.
Yeah, it's perfectly fair and reasonable to have that attitude.
Practically speaking, something like the Collusion extension/add-on or Disconnect extension/add-on allows you to forcefully constrain a wide range of "tracking" activities preferred/requested by the server.
I think of websites like private properties. You are given conditional access on the assumption that you can behave (T&C / AUP), otherwise it's like trespassing. So, I don't think that people should expect excessive rights of freedom that they might have on their own property or even in public. It's a balancing act.
If we want to attach terms and conditions to it (i.e. to use this site you must accept analytics/tracking/advertising) then let's make a framework to automate this stuff. I'm perfectly happy for my browser to say, up-front, that it won't be displaying graphical ads and it won't be running any known trackers or analytic suites, it won't be providing you any location data, nor will it be loading any social media buttons or widgets. You can then decide if you want to give me your data. That would be fine.
But I'm not buying into some idea of an implied social contract to let website owners do what the hell they want with my device.
This has already been done years ago, and failed: http://en.wikipedia.org/wiki/P3P
I'm going to keep an eye on you as I see fit whilst you are in my shop. Surely you can see that as fair?
You are an agent entering my property. This is what your computer does when you access my site.
I can extend this further. You have your wallet, you make a purchase, I have a till I record the purchase and even give you a receipt of the purchase, so that you can come back and we can both agree that you've been here before. So you come on to my site and you click on a download, I record the event through Google Tag Manager, which shoots it across to Google Analytics, and I even give you a cookie, useful for both of us. Next time you come to the site perhaps that cookie will mean I hide the download button from you, or it shows another related download to you.
Feel free to rip up the receipt, or delete the cookie, you're messing with the accepted way of doing things and harming yourself as well as me, but please go ahead you're free to. But please try to understand that not everyone is out to get you, I'm not trying to 'spy' on you, I couldn't care less about you as an individual. I'm trying to optimise for the whole, for my business, for my clients. I have no evil agenda, and if I did you wouldn't be able to stop me because evil finds a way.
The social contract exists, it is established, and it is incredibly close to how physical suppliers of products and services work. You live your life allowing businesses to track your movements within their physical domains, so why have a double standard for virtual domains?
Don't pretend for a moment that because my 'shop' is rendering at your physical location that you aren't in fact virtually visiting me. You want something from my 'shop'? I want to know how you interact with my 'shop'. It's really as simple as that.
Your logic damages good, honest people, instead of cutting to the actual problems. Things like Do Not Track and whining about tracking being invasive is simply attacking the symptom and not the root cause. It's like demanding a ban on horses because the cowboys harassing your town all ride them. It does bugger all but damage everyone else whilst the cowboys/evil people just ignore your ban or find another way. Please see logic.
No, no it does not. I'm not in your shop. I'm in my house. I requested some data from you, your server provided it. I'm under no obligation to do anything with that data at all, let alone allow you to execute arbitrary code on my computer because you feel like it's your right to.
It's closer to mail order, both in fact and in statute (remote selling regulations etc). You know I've ordered the catalog, you don't get to know it lay open at page 23 for half an hour or that I spent 15 minutes staring at the underwear models.
>> You want something from my 'shop'? I want to know how you interact with my 'shop'. It's really as simple as that.
Cool, turns out I don't want it that badly that I'll allow my machine to tell you everything about what I'm doing, so if purchasing from your shop is conditional on you getting to run this code, do us both a favour and block my access.
>> Your logic damages good, honest people, instead of cutting to the actual problems. Things like Do Not Track and whining about tracking being invasive is simply attacking the symptom and not the root cause. It's like demanding a ban on horses because the cowboys harassing your town all ride them. It does bugger all but damage everyone else whilst the cowboys/evil people just ignore your ban or find another way. Please see logic.
You make the sweeping assumption here that it's ok to collect as much data as you like for purposes you think are good.
--edit-- let me make this very clear: I don't care in the slightest why you want to collect analytics data, I'm not interested in taking part and I won't allow my computer to leak information constantly.
And if that was what we were talking about then maybe, just maybe you'd have a point. But we're talking about active analytics scripts here.
Unless something about my behavior stands out to you I can make a reasonable assumption that 1) you are not going to watch me the entire time and 2) the only record you are going to keep of my visit is the transaction receipt, and perhaps a note that one more person came into your shop today.
Every web server platform I am familiar with already logs access requests, which I don't think anyone is arguing against and you are free to monitor and analyze as you wish.
If you must monitor individual visitor's behavior it seems most stores have already worked that one out too, for example membership programs. A new analogy may read
> I'm going to give you the option of signing up for a membership program. If you sign up I will offer you services tailored to your habits whilst you are in my shop.
Even if you require membership for your services the terms of the relationship (e.g. you will be tracked) are, usually, available prior to the socially-questionable activity (e.g. tracking).
But for your analytic package the analogy would be more like
> I'm going to install live cameras throughout the shop to record you whilst you are in my shop. I'm going to review the recordings, or send them to a third party, so I may identify you and analyze your behavior at my own discretion.
Even if a shop has a camera the only social contract I am aware of is that the tape may be reviewed in the event of criminal or suspicious behavior.
That it has become fairly standard practice is a result of the masses wanting it that way.
2. I am aware of my options, thanks. But you'll find the other parties arguing that I don't or shouldn't have the right to exercise them.
This is a terrible idea, as it will just devolve into the same type of faux-consent as click-through agreements and whatnot. Then there will be some legal concept that you've agreed to render web pages a certain way, and you'll have created the world you don't want.
If computers are to empower individuals, they must be owned by individuals and function as individuals' agents - not simply as local terminals running opaque code dictated by someone else (either through the technical means of DRM, or in this example legal means). Machine boundaries are trust boundaries, and network protocols mediate between them. Protocols enforce how processes communicate, but only make recommendations for how they should act. Relying on anything else is madness and should be considered a bug.
DNT is good for us. We don't want to track someone who explicitly does not want to be tracked (boo, Microsoft IE team!)
In the end, Microsoft made the decision to force it into a yes/no, rather than leaving it at "NoPreference". I can fully see the argument that Microsoft is not following the spirit of the standard in doing so.
You already have control over this. That doesn't contradict someone's right to track how people use the site.
> No, my computer, my browser, my roof, my rules.
And again, you already have control over this. However, if you give data to a remote server, they have the right to use that data. You are, in fact, giving them that data.
> No, people get offended when you try to turn their computer into a device that spies on them. And we get more offended that this sort of stuff happens without most people even being aware it's going on.
That's a result of people wanting defaults, and most people change those defaults to be the least annoying as possible, regardless of security/privacy implications, even if it's explained to them.
> And it's so lovely of you to have made the decision for me that it's to my benefit, so I don't have to worry about pesky things like privacy concerns, or having control over my own computing.
But you do. You can prevent cookies from being put on your computer. You can prevent 3rd party cookies. You do have this control.
What do you not have control over that you feel you should have control over? You keep talking about control as if you don't have it?
>> And again, you already have control over this. However, if you give data to a remote server, they have the right to use that data. You are, in fact, giving them that data.
I think we may be talking at cross-purposes. The post I replied to says that they have a right to run tracking scripts and I don't have the right to reject them. This is what I disagree with.
Track that my IP address has requested page A, then B, then D, F, Q and P in rapid succession? Knock yourself out. I have no problem with this. If I want to obfuscate it I'll use Tor or a proxy. But he doesn't get to force me to run his scripts.
>> most people change those defaults to be the least annoying as possible, regardless of security/privacy implications, even if it's explained to them.
Indeed, but at least then they are informed and it's their choice to make. At the moment this isn't really the case.
>> What do you not have control over that you feel you should have control over? You keep talking about control as if you don't have it?
I know I have these powers and I exercise them. I'm only arguing against people who seek to take them away.
Yep, I saw that. Maybe it's just my interpretation. I thought of that as saying "I have the right to have scripts that track you." Not "I have the right to require that you run those scripts." So, they can provide the scripts, you can just choose to not have them run.
That's where I am coming from, and I don't get that anyone is trying to take that part away from you. That's all =)
Unfortunately the OP has just popped up again to say exactly that.
Anyways, I'm preaching to the choir.
> But you don't have a right to say what runs on my computer, or make it tell you what I'm doing. This is where our perceived rights collide.
Exactly! But you also don't have the right to tell him not to send tracking info either. You do, however, have the right not to execute it. For instance NoScript, Ghostery, and AdBlock+ will prevent the requests for this content from being made and executed.
I think OP meant that once you make a request to his server, his server is free to do what it wants with that request. I agree with this line of thought because most if not all others are silly.
> No, people get offended when you try to turn their computer into a device that spies on them. And we get more offended that this sort of stuff happens without most people even being aware it's going on. They may or may not object to it, but right now they don't even know.
Again, you have the ability to not let your computer send these types of requests for special analytics packages &c. You can't possibly believe that his storing access logs is wrong.
> This is about the only thing we agree on. It's pointless and it was never going to achieve anything.
I don't think they did mean that -
"But you've politely requested that I don't track you. For starters this should only ever be a polite request, not a forced rejection of any tracking scripts. I have a right to track how people use my site."
"People get way too offended by analytics tracking when it's there for their benefit."
It looks to me like they're saying that if you go to their site you have to run their scripts regardless of your own wishes, and that you're 'under his roof' and will therefore do what he says.
>> You can't possibly believe that his storing access logs is wrong.
No, I don't, that would indeed be silly!
I believe that it's rude to try to demand people run your code, and if you do demand it then we need to find a way for me to tell him up front that I'm not going to, so he can decide if he still wants to send me the page data.
"For starters this should only ever be a polite request, not a forced rejection of any tracking scripts. I have a right to track how people use my site."
And the followup by the same OP -
"I'm going to keep an eye on you as I see fit whilst you are in my shop. Surely you can see that as fair?
You are an agent entering my property. This is what your computer does when you access my site."
It seems clear to me that they feel entitled to have their scripts run on my computer. I have no issue with them checking their logs to see what I requested and when. Scripts, cookies, 0px images, each of these are mine to block as I see fit because I own the client, not them.
You're right about both parties' rights. However, dealing with the "Most Trusted Internet Company in Privacy", I expect them to do better than to insist on each of their rights to the letter. With regard to this discussion, as a novice user, I'd expect Mozilla /not to track me/. No ifs, no buts -- Do Not Track ought to skip all third-party tracking and remove any of my identifying data from their logs as soon as reasonably possible.
"once you've made that choice you are within my domain"
If I'm visiting a site that talks about rocketry and I'm suddenly being served ads for fishing lures and rods because 10 minutes prior, I was searching for fishing reels, it feels creepy. And it's entirely your opinion that feeling creepy about being served ads for something I'm not currently looking at is wanting "to go back to the dark ages".
Take it in another way. If I'm visiting a flea market on Saturday morning and going by some stalls that sell home made cookies and such, I'm fine getting a flyer for pastries, donuts and cakes. I'm not fine getting a flyer for an 18 pack of socks at the cookie stall because Friday night after work, I went shopping for boxers at a completely different place.
Since many advertisers seem to have the Zuckerberg mindset when it comes to privacy and the mere notion of wanting to remain "un-catered to" no matter how helpful and in my benefit you think it is, we're forced to take measures into our own hands.
BTW... Mozilla.org not respecting Do Not Track is exactly what I expected since they've decided that my request is needless considering what they produce.
Strong disagree. Whether a user finds benefit from tracking is the opinion of the user, not the opinion of the site doing the tracking.
It's very arrogant for a site to say "I'm doing this to you for your benefit", especially if it's not made clear what this is. If you find yourself having to tell someone that what you are doing is for their benefit, without explaining exactly what you are doing and why, you can safely assume it's not genuinely for their benefit.
I can agree that malicious tracking cannot be prevented - but this does not mean that benign sites are implicitly permitted to maliciously track people. That is totally unethical.
I'm not on your server. My browser isn't on your site. It sent a request to your server to send me a copy of some content. Your server sent that content. It's all on my computer.
lol no you don't. You're choosing to respond to HTTP requests to your site, you put it out in public. I'll make whatever requests I want to your site and do whatever I want with what you give me, which may include rendering some or all parts of a "web page" as I see fit. If I give you some data in turn, sure, do what you want with it.
Do Not Track is silly because it's based on trust. I don't trust you to not track me even if I ask you not to. The only privacy is when I choose not to send you data (and I shouldn't, and browsers are horrible in this regard, they have failed their users).
While I agree with the rest of your comment, isn't it possible that analytics is just snake oil for webmasters? The third party services like GA collect a staggering amount of real-time aggregate data in return for sharing a sliver of it with webmasters in the form of pretty graphs. I'm not saying this information isn't useful, but can webmasters reconcile the results against their own logs? Can they submit sanitized logs for analysis instead of including code in web pages, so they can proactively protect user privacy while sharing only the minimum data necessary for their needs? In any case, analytics services aren't motivated purely by altruism and their business model plausibly extends beyond purely providing a service to webmasters.
Specifically, it's to do with third party cookies, not any particular site.
If I visit someone's website, I'm usually perfectly happy for them to record my visit and my actions. If, on the other hand, I visit their website and some invisible actor (say, an advertiser) also tracks me, then it becomes insidious, especially if that other invisible actor is active on multiple sites.
This gets a bit blurred when you've got large vendors with multiple presences. For example, years ago when you logged into Hotmail, you'd be briefly redirected via passport.com (then live.com), and then directed back to Hotmail. Similarly, going to Microsoft's web page, or MSN's, or Technet, or any other site in the Microsoft stable, would redirect via the same site. This gave them single-sign-on, but also allowed them to "track" your activity across the entire network. That behaviour is used by many other large organisations such as Google.
However, it's also made its way into other large sites like Facebook and Twitter, because sites like that have "social media buttons" appearing on sites that aren't served by those sites but are served by Facebook and Twitter, so becoming third-party objects, and doing the same sort of pervasive insidious tracking across multiple domains and web properties.
The thing is, Google Analytics (as mentioned in the article) is such a pervasive ubiquitous invisible actor, but it's damn useful, so lots of people want to use it. The problem is that it's a third party object, and it's of massive benefit to Google too, not just the site owner.
So, where "do not track" fails is in distinguishing between "tracking" that's acceptable to many people, and "tracking" that's somewhat more invisible and pervasive. Switching it all off is harmful to the internet, but until it's sold correctly, it won't be acceptable otherwise.
Several web font services now fall into that category as well. The problem from a user's point of view is that you can block Google Analytics or Facebook Like buttons without any loss of functionality you probably wanted, but blocking Typekit or Google Web Fonts will often mess up the rendering of a page.
This changes the rules fundamentally. Before, with free services where you weren't the customer but the product, you could opt out by simply not using the service. Now, even with services where you really are the customer and maybe you really are paying for it, you can't opt out of the potentially intrusive third party service without opting out of or significantly degrading the main service you wanted to use as well.
This is a tricky area. Those third party services are pervasive precisely because they are useful to people who build the web sites that users enjoy, and if they're being given away for free, they have to fund themselves somehow. I also don't have much sympathy for people who don't load up someone's web site as it was presented to them but then complain that it doesn't look right or work properly (see also: not running JS, complaining that you can't watch Flash content on your iPad, etc). In some respects, these third party services are almost certainly beneficial to users, too, because they act as CDNs that probably improve performance and lower bandwidth requirements compared to having every site self-host the same common material.
On the other hand, privacy matters. We have drifted into a situation where this kind of ubiquitous monitoring is widely used by site owners, but many of them probably don't even realise the implications for their users' privacy, or just don't care. We have rules about data protection and spamming and the like to deal with similar situations in slightly different contexts, and maybe it's time we had some rules about tracking by services that are incorporated indirectly on other people's web sites and possibly without a visitor's knowledge.
See comment 28 in the report. No one has argued to turn off all analytics on websites. That is a straw man argument. The bug report simply asks that users who explicitly do not want to be tracked can have their request granted. Turn off analytics for them and the problem is solved. Alternatively, they can use analytics that do not track each individual user.
We used to live in a world where statistics did not include 100% tallied votes. It was simply too expensive to survey all customers, all citizens, all users. Trends and data were extracted out of a limited sized sample, commonly on an opt-in basis. With websites however, it is as cheap and easy to track all users as it is to track a limited set of users, so data tends to be 100% rather than a subset. Thus, total tracking has always been about the price, rather than need.
Third party cookies are as if the security camera is monitored and used by a random third party company who you are not even aware of. This is why it is bad.
Perhaps we should have a standard badge/button to indicate first party and third party tracking - something like https://www.safetysignsupplies.co.uk/images/product_imgs/ful... for first party cookies and a more "evil" version for third party cookies.
My ideas on DNT:
If a user specifies "do not track" in their browser-global or site-specific settings then ALL requests to third party domains should simply be blocked.
This could be backed up by a site-provided manifest (potentially containing a comment for each one's justification, or a flag to say if it's required or optional) to 'whitelist' 3rd party domains that they require. There should be a browser feature to view this whitelist and 'uncheck' any sites you disagree with.
In fact, IMHO, that's the way modern browsers should work anyway - it would certainly solve a huge number of other issues (XSS, etc).
It's too late to do that. There's lots of websites relying on 3rd party CDNs for non-tracking purposes (CloudFront, Google-hosted jQuery, etc.)
Filtering on domain name alone won't prevent traffic from going through 3rd parties — tracking companies can ask websites to set up DNS CNAME for them or they'll use top-level HTTP redirects (like google.com uses to track SERP clicks).
And "my mom" isn't going to be able to vet list of domains. She'll call me and ask me to "fix" the computer so that "Log in with Facebook" works and there are no scary technical questions.
Undoubtedly - hence the site-defined manifests for third parties.
i.e. instead of them having access to cookies stored under their own domain (e.g. cookies stored under thirdparty.net) they have access to cookies stored under the scope of the domain of the website in the browser address bar (e.g. cookies stored under email@example.com).
This would allow the use of third party services, but specifically restrict their usage to the target domain.
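The scoping this comment proposes, sketched as an added example that is not part of the original thread: a toy cookie jar keyed by (address-bar site, third-party domain) next to the classic jar keyed by the third-party domain alone. The class, function and `.example` site names are constructed for illustration; `thirdparty.net` is the comment's own placeholder.

```javascript
// Added illustration: models two cookie-storage policies; not real browser code.
// All site names below are constructed sample values.
class CookieJar {
  // partitioned=false: classic jar, keyed by the cookie's own domain only.
  // partitioned=true: keyed by (top-level site, cookie domain), as proposed above.
  constructor(partitioned) {
    this.partitioned = partitioned;
    this.store = new Map();
  }
  key(topLevelSite, cookieDomain) {
    return this.partitioned ? `${topLevelSite}|${cookieDomain}` : cookieDomain;
  }
  get(topLevelSite, cookieDomain) {
    return this.store.get(this.key(topLevelSite, cookieDomain));
  }
  set(topLevelSite, cookieDomain, value) {
    this.store.set(this.key(topLevelSite, cookieDomain), value);
  }
}

// Hypothetical third-party service: issues an ID on first sight, then records
// (id, embedding site) for every request it receives from the browser.
function simulateBrowsing(jar, visits, thirdParty = "thirdparty.net") {
  const seen = new Map(); // id -> Set of sites where that id was observed
  let nextId = 1;
  for (const site of visits) {
    let id = jar.get(site, thirdParty);
    if (id === undefined) {
      id = `uid-${nextId++}`;
      jar.set(site, thirdParty, id);
    }
    if (!seen.has(id)) seen.set(id, new Set());
    seen.get(id).add(site);
  }
  return seen;
}

// Largest number of distinct sites the third party can link to one identifier.
function maxSitesLinked(seen) {
  return Math.max(...[...seen.values()].map((sites) => sites.size));
}

const visits = ["news.example", "shop.example", "news.example", "mail.example"];
const classic = simulateBrowsing(new CookieJar(false), visits);
const scoped = simulateBrowsing(new CookieJar(true), visits);
console.log("classic jar: one id seen on", maxSitesLinked(classic), "sites");
console.log("partitioned jar: each id seen on", maxSitesLinked(scoped), "site");
```

Partitioning only removes the shared cookie identifier; correlation by IP address or browser fingerprint, which the thread raises further down, is unaffected by it.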
Do Not Track is a technology and policy proposal that enables users to opt out of tracking by websites they do not visit, including analytics services, advertising networks, and social platforms
However, Wikipedia says that the exact definition of what constitutes tracking is not yet clear.
The Do Not Track (DNT) header is the proposed HTTP header field DNT that requests that a web application disable either its tracking or cross-site user tracking (the ambiguity remains unresolved) of an individual user.
If you choose to send an e-mail newsletter to your users, you should (at least) be obliged to provide an unsubscribe option - providing two different experiences.
If you choose to track your users, you should (at least) be obliged to assume that DNT users have opted-out of this tracking and be responsible for not tracking them.
[I have understood that this is not the same in the US and the situation is therefore murky and EU law is not respected on the internet as a whole.]
What you described is not a legal obligation, although I personally think you should provide the option to opt-out of ads - I know of several sites that do and this makes a positive difference to me as a user.
What EU law requires a web site to check for and act on DNT?
e.g. from http://www.theregister.co.uk/2012/01/27/time_running_out_for...
[Peter Hustinx, the European Data Protection Supervisor] said that the DNT system "although valuable" seemed to "fall short of the" requirements for obtaining lawful consent set out in the EU's Privacy and Electronic Communications Directive.
It's nowhere near as simple as that, either in theory or in practice.
In practice, I agree there are several problems: it is common industry practice to ignore data protection concerns (led by example of large US corporations) and EU member states have neither the intent nor the means to enforce the law. What's more, the recent cookie directive debacle makes the EU seem confused and toothless.
In theory, however, data protection seems pretty clear to me: http://europa.eu/legislation_summaries/information_society/d...
Intended reform makes the situation even more clear: http://ec.europa.eu/justice/newsroom/data-protection/news/12...
I particularly recommend "How will the data protection reform affect social networks?", which discusses the requirements of 'privacy by default' and 'privacy by design'.
For something closer to the tracking we're talking about, it is normal to maintain server logs that show visits to your site, and to record various information that is voluntarily sent by browsers as part of HTTP requests. There's obviously some debate about how much IP addresses represent personal identification, but clearly in practice they can identify individuals under some circumstances. That doesn't mean someone has to ask you for permission to see your IP address when you visit their site, because obviously that would make no sense technically.
Obviously there are implications to keeping some of this data or using it for other purposes, but as I said, this is where things aren't always clear even in theory. Some issues really are black and white, but you quickly get into what is fair or reasonable or implicitly permitted by data subjects and what is crossing that line and should require explicit consent.
In practice, it's even worse, because we have silly things like the infamous EU cookie rules that are almost universally disliked by users (they make the experience of using web sites worse), almost universally ignored by business (who don't want the overheads of implementation and don't want their users' experience to be worse), and as far as I know universally unenforced by regulators (who would in many cases have to start by going after their own governments for flagrant violation). While possibly well-intentioned, such poorly conceived rules just bring data protection law into disrepute while alienating almost everyone. They also demonstrate that realistically there are few risks to flagrantly ignoring the rules as a business, which is hardly going to help with promoting good practice.
This isn't about advertising, it's about ad networks tracking users.
The problem with DNT isn't that it can be ignored, it's that it can be ignored without penalty. People who think purely technical solutions (including Ghostery, NoScript, Adblock etc.) are the answer are ignoring the reality of how easy it is to fingerprint and track users on the web.
The man scored a major point, and Mozilla has chosen to run away from it. The DNT flag, so far, looks just like the worthless piece of promotional fluff and 3-card Monte it is. ESPECIALLY if Mozilla chooses to run away from it.
We're going to need laws to protect us from the continual government AND corporate riot of people-tracking. The People don't like it, and once they get done with NSA in Congress, they might as well get busy on making tracking OPT-IN. Including cookies, browser finger-printing, stashing stuff in browser cache (disk AND memory), and the hundreds of other ways these geniuses have evolved to invade the social communication space to promote their bottom line. We badly need to have this discussion as a nation. Because it's starting to run over our boot-tops.
Tracking could be limited to dot-coms. Then let the People decide whether to keep dot-coms in their bookmarks, or leave the rats to go down with their ship of fools.
On an unrelated note, I'm really impressed with the Persona login on that site. When I first saw it I thought, oh no, not another username and password. Why can't they just use social login where I already have accounts? But all I had to enter was my gmail address, approve the usage, and I was done. No extra username and password even though I've never used Persona before. No need to confirm an email. It worked out really well.
Does the poster expect the web server to not write a log line because he sent a DNT header too?
It's inherently different when contracted to a 3rd Party.
Third-party vendors are opposed because it would be the equivalent of giving all of the IP logs from a majority of the Internet to a single user (in this case, Google Analytics). The ability to discover trends on particular users then becomes massively possible in a way that simply doesn't exist with 1st Party tracking. The siren's call to monetize this data is ever present, so we seek to not allow the collection in the first place.
There's a difference between a 3rd party doing the analytics and a 3rd party cookie. GA can (and should) use a 1st party cookie for this, which would make it impossible for them to correlate between sites. As a bonus, turning off 3rd party cookies also breaks ad retargeting, which makes everything better.
At that point, it's the same as Mozilla doing it themselves, but your concerns about JS being more potentially intrusive are valid.
note: i may be wrong about GA using 1st party cookies. if so, that's really not cool.
In particular, comparing behaviors and IP addresses used in Google products and captured in Google Analytics would be very easy.
Likewise, Google knows a super-majority of site entrances from their search engine, and a correlation is trivial given that most users are logged in for search.
To wit: if I perform a search with a unique referrer, and that unique referrer is then captured with my Google Analytics user cookie, then I can be readily identified as a person.
Doubleclick and other Google services share this issue.
Others do use Third Party Cookies.
Mozilla is threatening to turn off 3rd Party cookies entirely, which has caused no small amount of concern from ad companies.
See this post, one in a series of hilariously over the top diatribes from the Interactive Advertising Bureau:
As for the ubiquity and potential for data sharing among Google services, I suppose I hadn't thought that entirely through. I know there was one analytics company claiming it could track individuals between devices using some fancy statistics, but I assumed it was snake oil (it was not GA claiming that).
Anyway, I hear ya, and thanks. I can see a case against GA specifically, though I have a hard time swallowing it against all analytics. I suppose it's a question of trade-offs that people are willing to make.
It's possible GA could try to correlate IPs or browser fingerprints between 1st party cookies over multiple sites, but proxies and mobile devices would make that difficult. The fact that all the data is together in GA's warehouse doesn't change the fact that the data isn't there to be correlated.
As for JS being able to be more intrusive, sure, I get that. At that point, I suppose you have to trust the site you're on that they wouldn't use a service that was intrusive. Perhaps this is a bridge too far for some, which is reasonable.
I guess I just don't get wanting to ban the tool entirely when it could be but is not currently being used nefariously. (working on the assumption that if GA started fingerprinting browsers someone would've seen the traffic by now. it's not easy to hide.)
DNT is a pointless 8 bytes that has no real, enforceable meaning.
Send the DNT header flag, but purposefully edit analytics requests. Thus, providers must honor DNT requests or risk a poisoned well of data.
This is not theoretical, I have a Chrome plugin which does this to Google Analytics requests, and am increasingly tempted to release it to the world.