The original agreement was carefully hashed out between advertisers and browser vendors with the understanding that only a small percentage of users would be opting out. When Microsoft reneged on that, the advertising industry backed out.
Whatever you think about online tracking, the voluntary nature of DNT and the complete lack of enforceability (there's no way, as a user, to determine whether a company is following DNT) made it pretty useless. True privacy protection needs to be on the client side (like script blocking or 3rd party cookie blocking), not on the server side.
Did you ever install IE10? The screen gave users the option to configure everything but selected the most likely settings for many things, not just DNT: http://img.wonderhowto.com/img/21/42/63487287284459/0/yahoo-...
What level of "not by default" would have been acceptable to advertisers? I suspect they would be happy only if the option was disabled by default and hidden from view. An uninformed consumer is a trackable consumer.
DNT was a voluntary standard, and the advertisers refused to buy in unless it was off by default (the vast majority of people will not change defaults, even if you make it easy for them). Microsoft violated that agreement to hurt Google, and as a result DNT is dead.
i applaud microsoft for protecting their customers, instead of selling them out like google does with android.
also, most big advertisers chose to ignore DNT only for IE. so no, it has not been dead for that long.
Given that turning DNT on by default would essentially turn DNT on for everybody, supporting DNT in that scenario would have imploded the whole business model of the same advertisers.
Obviously they're not going to voluntarily decide to go out of business, so the advertisers then dropped support for DNT entirely.
Now no one gets the benefit of DNT, not even the privacy-conscious minority who actually cared about it.
Welcome to second and third-order effects...
it is never enabled against the user knowledge. it is just the correct default when it is presented to them.
and again, by no-one, you mean YOU. you are pissed off that everyone is not disabled on DNT and not even shown the option, and only you and other tech savvy people can benefit.
And let's be fair, most people are going to agree to that long list of default settings even if the third bullet said "Sends 1 Bitcoin to Microsoft"
Source? How can those parties decide for users how many of them will opt out?
Wonder if anyone used it.
As a general guideline, exceptions to Do Not Track are warranted when
commercial interests substantially outweigh privacy and verification
interests. The following activities are excepted:
1. Tracking of users who have explicitly consented to tracking, such
as by enabling a checkbox in a preferences menu on the first-
party website of the tracking service.
2. Data obtained by a third party exclusively on behalf of and for
the use of a first party.
3. Data that is, with high confidence, not linkable to a specific
user or user agent. This exception includes statistical
aggregates of protocol logs, such as pageview statistics, so long
as the aggregator takes reasonable steps to ensure the data does
not reveal information about individual users, user agents,
devices, or log records. It also includes highly non-unique data
stored in the user agent, such as cookies used for advertising
frequency capping or sequencing. This exception does not include
anonymized data, which recent work has shown to be often re-
identifiable (see [Narayanan09] and [Narayanan08]).
4. Protocol logs, not aggregated across first parties, and subject
to a two week retention period.
5. Protocol logs used solely for advertising fraud detection, and
subject to a one month retention period.
6. Protocol logs used solely for security purposes such as intrusion
detection and forensics, and subject to a six month retention
7. Protocol logs used solely for financial fraud detection, and
subject to a six month retention period.
To ensure data allowed for only specific uses is adequately
protected, functional entities SHOULD implement strong internal
they are the only one solving the privacy-while-showing-ads issue by using safeframes. then they drop DNT because it is a fallacy for the most part.
but they write that announcement in the worst possible way and everyone goes crazy.
The crazy thing is that major websites like Yahoo don't even know what ads they are serving. And increasingly online ads are an attack vector for viruses and malware. In January Yahoo was serving malware via their online ads. And in February Google did the same.
And of course there are the major privacy issues with companies tracking us online. I understand that online publishing is important and we clearly need a strong press, but publishing really needs to find a new business model. Online ads are not the solution.
And I say this as someone who loathes advertising and the creepy mentality behind them. They're kind of necessary evil. Keeping a tighter rein on what kinds of ads can be served would help tremendously. They need to eradicate that stigma of them being a dangerous vector. Erf.
And besides, Do Not Track is a black box: they can do whatever the hell they like while our browser merely requests "Would you please not track me even if your site is entirely free and ad-supported?" Because it's not like they're keeping databases on us purely for fun.
She runs a company that cares about you and want the "best user experience", so long as it doesn't hurt the bottom line at all. And the next rounds of layoffs are probably not too far away, from everything I've heard.
I just find the apparent need to hide behind bromides such as these distasteful, particularly when they're not merely empty little phrases, but empty little phrases that are directly contradicted by the actions and interests if the organization that employs them.
For DNT, they have a lengthy explanation of how tracking is still done and totally helps your experience. Then the reverse the order of the buttons so the default is to cancel out of the operation.
Seems unlikely this was implemented as an accident.
Microsoft don't sound like the problem.
A browser should protect my privacy, give me tools to filter out content (images, ads, off site material), protect my browsing history, etc...
This is all besides the point - when every browser sends a flag that states "Do Not Track" - then "Do Not Track" loses all meaning.
Its not a matter of "correct", its a matter of what people bought into when the initially decided to support DNT.
The setting has to be either on or off by default. I think that most users, if asked, would like for it to be off. The only reason to leave it to "on" involves advertising doublethink, a.k.a. bullshit.
The advertisers agreed that as long as the flag had to be set manually by the user the would honor it. They made that agreement because it would not impact their revenue significantly. It would be very presumptuous to expect them to voluntarily destroy their own business. Because DNT is optional you need the advertisers and publishers to agree about it. So by making DNT on by default in IE advertisers walked away from the agreement and their is nothing we could do to stop them effectively killing DNT.
Now you mention most users don't want to be tracked, but what are they getting in exchange for being tracked? If you asked the average user would you allow your self to be tracked online to use Facebook I be most would say yes. How about you allow yourself to be tracked on line for 1 free latte at Starbucks/month? Again I think most would say yes.
You can opt-out of pretty much all the major ad networks at once, in fact: http://www.networkadvertising.org/choices/?partnerId=1
It's been like that for years. I'd submit that as evidence that the ad industry is willing and able to accommodate people who don't want to be tracked on an opt-out basis.
You can inspect the cookie. Yahoo's is literally "optout=1"
This post just makes it seem like one of the higher-ups realized that Yahoo's missing out on a chunk of data that everyone else gets and decided to go for a "quick win".
they are morons for not mentioning this on that announcement. basically, they are just ignoring DNT for the few in house ads that run on front page and such. which being in house, already can track you.
To speak of "tracking" one might mean:
A. Thou shalt not cookie a user.
B. Thou shalt not record plain text log files on a
server-side file system, regarding the nature of these
requests. Thou shalt not persist discrete information
to a relational database, with respect to these
particular HTTP requests.
C. Thou shalt not inspect which IP address HTTP POST
requests originate from, and treat them differently, if
a user proclaims "no tracksies". GET requests will be
treated as read-only requests for static resources. If
the static resources change, I wish to play no part in
D. Thou shalt neither inspect ANY HTTP requests (PUT,
DELETE, POST or GET), nor serve individualized
resources, regardless of any particular attributes
present in the request. Thou shalt only keep the
specific data I tell you to keep, and destroy
everything else related to my requests. At a later
point in time, I reserve the right to become
irrationally angry about your having kept the *some* of
the data I told you to keep, because, technically
speaking, the DO-NOT-TRACK header is all encompassing,
and supercedes all other instructions. I also reserve
the right to get angry if *your* system does not
perform according to *my* expectations, whatever those
expectations may be, at any particular time.
E. Thou shalt not provide me with any uniquely
identifiable information. I do not wish to receive
information which has not already been provided to
anyone else. Please do not transmit unique information
to me over the wire or over the air. Doing so will
change the state of my system in a unique way, which
I'll eventually have to answer to. If I receive non-
standard resources and information from you, my service
provider and local authorities, may use this against
me, and derive other information from these details. I
may be penalized for knowing or having things other
people do not.
F. This never happened. I don't exist. You don't exist. We
don't know each other. There was never any /index.html
or /default.htm available here. I never asked for it,
and if anyone did ask for it, you just said "404". You
don't know how many people were looking for that file,
or whether it was 5KB or 17MB at any particular time.
Beyond even that, in most cases, for a user to simply request the common courtesy of being forgotten might be unrealistic and completely ineffective from the outset.
"Please don't track me, but here's my ID and password, now log me into my account."
An honor system is certainly an admirable aspiration, but sending "do not track" requests by default also creates a general atmosphere of noise from users who may or may not be cognizant of the true nature of their actions.
The knee-jerk idea that cookies are bad isn't good enough. The idea that you can simply ask people to "be nice" also isn't good enough.
Dumb people are always going to be their own worst enemies, by playing the role of low hanging fruit to be preyed upon.
I've always felt that "do-not-track" requests were bullshit, just like the European cookie law was a silly white wash. (servers remember data, it's what they do. businesses exploit their customers for a profit, it's what they do.)
Just like having to opt into a "do-not-call" registry is bullshit. (no one wants to be cold-called by telemarketers, so why is this an opt-in thing?)
Just like anti-virus software is bullshit. (hey, how about you just don't execute code indiscriminately? doesn't that work too?)
The list goes on...
Roughly the size of Facebook and LinkedIn combined.