Updated 'Do Not Track' draft says IE 10's default setting breaks rules

Updated 'Do Not Track' draft says IE 10's default setting breaks rules

Summary: Microsoft's plans to introduce a default "Do Not Track" setting have been scuppered by no less than the draft specification's writers themselves.

TOPICS: Microsoft

Microsoft likely knew it was going to be an unpopular move for advertisers and tracking companies but went ahead and barged its way through a storm of criticism.

Though, it wasn't that the pressure was too much for Microsoft. It falls down to the "Do Not Track" specification itself. In short: the new draft rules must give the user the option to choose rather than Microsoft making the default decision for them.

The new draft specification --- worked on by technology companies and browser makers, privacy advocates, and online advertising firms --- now states that "explicit consent" is required from users, Wired reports.

"An ordinary user agent must not send a Tracking Preference signal without a user’s explicit consent," the new rules say. For example, "on first run, the user agent prompts the user to configure the Tracking Preference signal."

Granted, it could end up with Microsoft forcing a new user to select a "do not allow websites to track me" versus an "allow websites to track me" option. The user has to choose, but it's a pretty clear choice on which option a user will pick.

ZDNet's Ed Bott sees Microsoft's move as more of a "consistent chain of events" that goes back many years.

The chances are Microsoft's position hasn't changed. The Redmond-based software giant still wants to fight for the rights of its users... or wants to strike a deathly blow to Google. Either way, intentions aside, it's a good move.

But "Do Not Track" is far from infallible. The crux of the opposing argument is that websites do not have to adhere to the rules. Instead, it's a flagging system to signal a user's preference rather than a direct opt-out solution.

Browsers with "Do Not Track" enabled do not block tracking cookies set by advertisers. Instead, it's the browser asking the website not to track the user. Online ad networks do not have to comply yet --- this may change in the coming months, but is not enforceable without a legislative approach --- but industry pressure is on following Twitter's move to support the technology.

Because the specification is no more than a list of best practices rather than rules, Microsoft can go its own way, twist the knife in the back of advertisers like Google, and go ahead with its default-setting anti-tracking solution.

All it means is that the technology giant will not be able to say it adheres to the proper "Do Not Track" specification. Having said that, it also means many websites could therefore ignore Internet Explorer 10's outbound flags, negating Microsoft's best efforts altogether.


Topic: Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Sounds like...

    ... Someone stuffed money into the draft writer's pockets...
    The one and only, Cylon Centurion
    • Google sponsers Mozilla, Opera and other who particvipate in W3C workgroup

      It is obvious that Google does not want restrictions on tracking.
      An optional feature will be used by less than 5% of users.
      They can live with that.
      • Ignored anyway

        The vast majority of sites will ignore the flag anyway, so what's the difference. As long as they are not legally compelled to comply, they won't.
  • The W3C should be disbanded

    It's a useless organization that only hurts the web.

    They were the original and only reason why the web developed incompatiblity problems in the first place. Firstly, because they published vague specifications, and the second time when they refined those specifications in a way that made them incompatible with the de facto standard interpretations (which at that time was mostly Microsoft's, because IE had >90% market share). This lead to older and modern browsers intepreting the same things differently. Microsoft has been blamed for years because of this, but the fact is: it was the W3C creating this problem.

    And now they want to go against the users (and Microsoft) again, and cripple innovation and limit freedom of choice. It's not that blocking advertising by default does not hurt the web economics - because it does; that is beyond question. But the W3C is supposed to be a technical body - not a subservant of it's members' (like that of Google's, Mozilla's, and the likes') and their economic interests.

    What they do now is to practically blackmail Microsoft that if the latter tries to go against the economic interest of their major stakeholders, then he will made the culprit again - just like they did in the old ages with the "web standards"-thing (which as explained above was their fault too). I just hope that the users (and even more?? the developers) have wisened up in the meantime, and will see through the W3C's latest propaganda action.

    Maybe the time has arrived to establish another, truly independent and transparent organization for managing web "standards", which can actually live up to its job, and not just chase behind the actual innovators, while crippling economics, both for users and developers.
    • I think they W3C hates Microsoft.

      for whatever reason this goes way back.
    • Take a look at who's writing the HTML5 proposal...

      A Google employee is writing the HTML5 spec proposal, along with one from Apple, who is in Google's back pocket.

      The W3C has also said that HTML5 won't be ratified until at least...[b][u]2022!!![/u][/b]
      • It wouldn't surprise me to find out Apple was behind this

        They are sucking up to advertisers because iAd is a major FAIL so far.
    • You need to change your Meds

      "Firstly, because they published vague specifications, and the second time when they refined those specifications in a way that made them incompatible with the de facto standard interpretations (which at that time was mostly Microsoft's, because IE had >90% market share)."

      So you believe that Microsoft should control the Internet? Sorry but Microsoft did not invent, nor did hey invest money into the Internet. If Microsoft can't play by the rules (and they always seem to have that issue),
      Jumpin Jack Flash
      • You completely missed the point. nobody played by the rules back then

        Not mosaic, not Netscape, not ms, because there were no rules for what they were doing. The W3C was too slow. They move at a glacial pace. That's the whole reason for the abomination we now know as Flash. MS never claimed to invent the internet but they have pioneered quite a bit of it. Dhtml, xmlrequest, etc. and they contributed more test cases for html5/css compatibility than anyone else. they also have the fastest, safest, most secure, and most privacy respecting browser.
        Johnny Vegas
    • Humm . . .

      Humm, Microsoft seems to like the W3C, though. They're upping the support for standards in every new version of IE, and oh, yeah, they're actually a member of the W3C.
  • Updated 'Do Not Track' draft says IE 10's default setting breaks rules

    As much as I want this Do Not Track option on by default I can't put a lot of faith in it now for the following reason:

    [i]Having said that, it also means many websites could therefore ignore Internet Explorer 10???s outbound flags, negating Microsoft???s best efforts altogether.[/i]
    It also means they can ignore any other browser that uses the do not track. Who is going to enforce it?
    Loverock Davidson-
    • RE: Who is going to enforce it?

      The browser user does!! If YOU do not want to be tracked, you must take the initiative.

      I have Firefox set to delete [b]most[/b], but not all cookies when I close a session. Ghostery is set to block most trackers.
  • MS should just put up an initial first run prompt only this time if the

    user chooses do not track they should not only turn on do not track, they should also disable third party cookies on the client side when you choose this so it's not just up to the websites honoring it. This is the right thing to do for users. Advertisers do not need to track you to give you ads.
    Johnny Vegas
  • Shocking...

    I would have really been surprised if this had gone through all the way.

    It just sounded like one of those things that you get promised that suddenly disappears at the last minute with a;

    "Oooooh jeeeez, so sorry guys, turns out we can't do that, here's an excuse and a fake apology."
  • Companies represented, consumers ignored and shut out.

    Speaking as a mere "user", I want a default to "Do NOT track."
    Better yet, I want a tool that allows me to designate who I do want to track me and my preferences. One that I can run when I want to, and not every damn time a new site or link shows up on my browser window.
    • Amen brother!

    • Sorry, there is no such technology

      You may wish to have such flags, but in reality, those are just labels. Like, you may wear an label that says "do not shoot me", and still be shoot, if you happen to be in the wrong place or if someone is aiming at you specifically.

      This "Do Not Track" stuff is completely useless and in my opinion exists only as an excuse for those who actually track you.

      Unless you take active measures (unlike this HTTP header), you must accept that you are being tracked. Always.
      • IE actually does that

        IE9 already has Tracking Protection built in, which actively blocks unwanted cookies selectively (!) from ad and analytics networks. That, however, is not activated by default.
    • Mozilla already backtracked on that with Firefox

      When Microsoft first announced Tracking Protection (way back in 2010), which is a far more effective form of DNT, because it actively blocks tracking, instead of just sending signals, Mozilla announced that they will also implement similar features.

      Then they realized (or Google pointed it out to them) that it would hurt their bottom line, so they actually went for DNT instead - which is practically useless from the end user's perspective, as it does not force the advertiser or the website to actually obey their wish of not wanting to be tracked.

      That's how Firefox got DNT in the end, instead of the far more effective Tracking Protection. Google in Chrome never actually implemented even that. And now these two companies (Mozilla and Google) want also to neuter even the DNT.

      People should really think through which companies do actually serve their interests, instead of just felling prey to propaganda, worship Google and Mozilla while despising Microsoft.
  • Some surefire ways to defeat tracking cookies:

    1: Set your browser to reject all cookies unless you have specified that a given site is allowed to send you cookies.
    2: Set your browser to delete all cookies when you exit.
    3: When you exit a site which requires cookies, manually clear the cookies. Although many sites do not install third party cookies, this is still a good idea if you are security conscious.

    While in some instances, we may have to accept cookies--we don't have to eat them.