Do Not Track (software)

The Do-Not-Track initiative is supported by the Electronic Frontier Foundation , among others .

Do Not Track ( DNT ; English for "do not track") is an HTTP header field and signals a website or web application that it does not create a user profile of the visitor's activities. DNT was proposed by Christopher Soghoian, Sid Stamm, and Dan Kaminsky in 2009 . The standardization process by the W3C was ended in January 2019 without a final standard being adopted. Firefox was the first browser to support this field, followed later by Internet Explorer (version 9 or higher), Safari, Opera, Chrome and Edge.

history

In 2007, several consumer protection groups asked the Federal Trade Commission (FTC) if it was possible to create a DNT list for online advertising. It has been suggested that online advertisers be required to submit their information to the FTC so that they can compile a machine-readable list of the domain names of those companies that use cookies or other means to track consumers.

The DNT function was proposed by researchers Christopher Soghoian, Sid Stamm and Dan Kaminsky in 2009 and was standardized by the World Wide Web Consortium (W3C) in 2012 . In July 2009, Christopher Soghoian and Sid Stamm created the first prototype add-on for the Firefox web browser, which implemented support for the DNT header function. Tribe was at the time Privacy - engineer at Mozilla. Soghoian began working for the FTC soon after.

A year later, during a US Senate hearing on privacy, FTC Chairman Jon Leibowitz told the Senate Commerce Committee that the commission was exploring the idea of ​​a "do-not-track" list.

In December 2010 the FTC issued a data protection report calling for the development of a “do not track” system . This system should enable Internet users to prevent their actions from being monitored online.

A week later, also in December 2010, Microsoft announced support for the DNT function for its Internet Explorer 9 (IE 9) web browser . In the future, this should provide users with so-called blacklists (dt. Blacklists ) by a third party offer, which protect them from persecution. As of Internet Explorer 10, the DNT function was set to active by default. In 2015 Microsoft announced an end to this standard setting; in the future, users will have to activate DNT themselves.

In January 2011, Mozilla announced that their browser would support DNT headers in the future, which was first implemented in Mozilla Firefox 4.0 Beta 11. On March 7, 2011, a draft of Mozilla's DNT was submitted to the IETF .

DNT is now also supported by Apple Safari , Opera and Google Chrome , the latter from version 23.

In January 2019, the DNT standardization committee at the W3C was closed without attaining the status of a W3C standard. The reasons given were the insufficient number of implementations and a lack of indications of support for DNT by the browser manufacturers and other parties involved. In February 2019, DNT support was removed from Safari. According to Apple, this decision was made to make fingerprinting more difficult.

functionality

The header field named "DNT" currently accepts three states:

• "1" = in this case the user does not want to be followed (opt out)
• "0" = in this case the user agrees to be tracked (opt in) or
• " Null " (no header sent) = the user has not set a corresponding preference.

The latter case is standard, i.e. the header is not sent. Only when the user makes the appropriate settings in the browser will one of the other options, depending on the selection, be executed if the user so wishes. An exception is Internet Explorer 10 or higher, which sends "1" by default (see above).

When a web browser requests content or sends data over HTTP , it can optionally include additional information in one or more fields called “headers”. If the DNT header is set to the value 1, this implies that the user does not want to be followed.

The execution of this non-tracking policy can only be implemented on the HTTP server ; compliance is voluntary. In this respect, DNT is comparable to the Robots Exclusion Standard . This mechanism for HTTP server ensures that automatic web clients (so-called " web crawlers " or "robots" to dt. Robot ) can read files in which it was inserted by the respective operator of a website, whether and how its Web site crawlers should be searched. Here, too, no consideration is guaranteed, since compliance with this request must be carried out by the web crawler itself.

Effectiveness and significance under data protection law

Worldwide, websites are not yet legally obliged to respect DNT requests. The W3C has not yet been able to establish consensus between the advertising industry and the Federal Trade Commission in the USA. In Europe, the proposed DNT header in the "zero" position does not meet the requirements of Article 5 (3) of the ePrivacy Directive, which defines the informed consent for the setting and reading of cookies (so-called cookie article). Websites that ignore the IE-10 default setting "1" violate the cookie article. Violations of the cookie article were not prosecuted by the German data protection supervisory authorities in the first two years after its introduction .

The German data protection supervisory authorities agreed that setting the DNT header to 1 " is equivalent to declaring an objection within the meaning of Section 15 (3) TMG". Such contradictions should be taken into account by telemedia providers. If this option is set, service providers are not allowed to create any usage profiles even if they do not use cookies.

Since the spring of 2015, the Do Not Track web series has been providing information about Internet surveillance and possible countermeasures.

See also

• Your Online Choices

Web links

• DNT at Mozilla Firefox (FAQ) (English)
• DNT (English) at EFF (Electronic Frontier Foundation)
• Understanding your online privacy , accessed: February 8, 2012
• How to Turn on Do Not Track in Your Browser , accessed September 7, 2011

Individual evidence

1. ↑ Christopher Soghoian: The History of the Do Not Track Header . In: Slight Paranoia . Retrieved February 22, 2012.
2. ↑ Tracking Protection Working Group . In: W3C . Retrieved February 22, 2012.
3. ↑ ^{a b} "Web Tracking Protection: Minimum Standards and Opportunities to Innovate" . Accessed: June 16, 2012
4. ^ "The History of the Do Not Track Header" (PDF; 101 kB). Center for Democracy and Technology . October 31, 2007. Accessed June 16, 2012
5. ↑ Soghoian, Christopher. "The History of the Do Not Track Header" . Slight paranoia. Accessed: June 16, 2012
6. ^ "Tracking Protection Working Group" . W3C. Accessed: June 16, 2012
7. ^ Zetter, Kim (August 17, 2009). "Outspoken Privacy Advocate Joins FTC" . Wired News. Accessed: June 16, 2012
8. ↑ Corbin, Kenneth (July 28, 2010). "FTC Mulls Browser-Based Block for Online Ads" . Internet news. Accessed: June 16, 2012
9. ^ Angwin, Julia (December 2, 2010). "FTC Backs Do-Not-Track System for Web" . Wall Street Journal. Accessed: June 16, 2012
10. ↑ IEBlog (December 7, 2010), "IE9 and Privacy: Introducing Tracking Protection" . Accessed: June 16, 2012
11. ↑ Microsoft enables "Do Not Track" in Internet Explorer 10 . In: Heise.de , June 1, 2012. Retrieved June 16, 2012. 
12. ^ Fahmida Y. Rashid (June 2, 2012). "Microsoft Turns on Do Not Track By Default in IE10" . Accessed June 17, 2012
13. ↑ Parwez Farsan: "Do Not Track must be explicitly activated in future" Computerbase.de, April 5, 2015
14. ^ Angwin, Julia (January 21, 2011). "Web Tool On Firefox To Deter Tracking" . Wall Street Journal. Accessed June 17, 2012
15. ^ IETF "Do Not Track: A Universal Third-Party Web Tracking Opt Out" . Accessed: June 16, 2012
16. ↑ Nick Wingfield (April 14, 2011), "Apple Adds Do-Not-Track Tool to New Browser" , Wall Street Journal, accessed June 16, 2012
17. ↑ Opera Desktop Team (February 11, 2012), "Core update with Do Not Track, and mail and theme fixes" ( Memento of February 16, 2012 in the Internet Archive ), opera.com, accessed: June 16, 2012
18. ↑ Safari 12.1 Beta 3 Release Notes .
19. ↑ How Do Not Track works - The Do Not Track Field Guide . In: developer.mozilla.org . April 17, 2014. Retrieved January 15, 2015.
20. ↑ Do Not Track- Universal Web Tracking Opt-Out , accessed: June 17, 2012
21. ^ "Try out Do-Not-Track-HTTP-Header" . Accessed June 17, 2012
22. ↑ Berlin Commissioner for Data Protection and Freedom of Information: Report 2011 ( Memento of October 15, 2013 in the Internet Archive ) (PDF; 3.1 MB), p. 169
23. ↑ Bloomberg.com, Accessed: April 5, 2015 Olga Kharif: "The Cookies You Can't Crumble"
24. ↑ Yahoo deliberately ignores Do Not Track , Heise News, May 3, 2014
25. ↑ "Do Not Track: Implementations", Jonathan Mayer and Arvind Narayanan, affiliated with the Center for Internet and Society, Stanford Law School, Do Not Track Implementations , (date of access: June 18, 2015)
26. ↑ Why is Ixquick no longer available? Startpage, May 17, 2018, accessed June 26, 2018 . 
27. ↑ How to switch off your ad blocker for SPIEGEL ONLINE , Spiegel Online, August 16, 2017
28. ↑ donottrack-doc.com
29. ↑ badische-zeitung.de , April 21, 2015, Laura Sophia Jung: "Do Not Track" explains surveillance on the Internet (April 25, 2015)